Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/e5a629-8f68-432e-9e5a-c419e7129928/1/gc4cI6R09LH1_XMHqGhnrd1fnzU.roa
File: gc4cI6R09LH1_XMHqGhnrd1fnzU.roa (raw, json)
Hash identifier: eknYsPReIw7Rm7V83l8HEhRF8JkgoZYtFyqbECJwKXc=
Subject key identifier: 81:CE:1C:23:A4:74:F4:B1:F5:FD:73:07:A8:68:67:AD:DD:5F:9F:35
Certificate issuer: /CN=e758524459f91350bf3a70bddea02bb7f198f627
Certificate serial: 018CC79562E2090D73E6AE78E0B141677A4A
Authority key identifier: E7:58:52:44:59:F9:13:50:BF:3A:70:BD:DE:A0:2B:B7:F1:98:F6:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51hSRFn5E1C_OnC93qArt_GY9ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/e5a629-8f68-432e-9e5a-c419e7129928/1/gc4cI6R09LH1_XMHqGhnrd1fnzU.roa
Signing time: Tue 02 Jan 2024 00:31:45 +0000
ROA not before: Tue 02 Jan 2024 00:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203039
IP address blocks: 185.153.52.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 15:08:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:62:e2:09:0d:73:e6:ae:78:e0:b1:41:67:7a:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e758524459f91350bf3a70bddea02bb7f198f627
Validity
Not Before: Jan 2 00:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81ce1c23a474f4b1f5fd7307a86867addd5f9f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3d:ab:54:29:18:91:08:1e:e1:33:44:d6:65:
d9:29:3b:dc:02:88:84:82:8f:4a:7e:99:69:c3:84:
c7:0b:bf:5a:5f:ee:f4:60:c4:2e:a1:90:e5:2b:fd:
3e:2a:98:1b:a3:56:a5:65:8c:29:1e:e1:81:ad:03:
d0:ba:5c:88:6b:88:b3:f4:3d:ac:9f:3a:97:45:b1:
f1:cf:c4:ec:09:b1:18:77:31:b2:96:62:53:88:ce:
66:22:79:f9:51:a0:0e:f2:d8:57:ae:b7:0f:94:6f:
d3:30:a7:a8:77:74:59:b9:10:08:e1:88:b5:a2:5e:
ec:e0:31:d2:3f:bb:b4:d6:b4:b7:f0:65:30:dc:96:
f5:4f:90:cf:d6:84:c5:78:79:2a:35:53:5d:db:36:
fb:85:41:38:fd:79:cf:e2:bf:bd:fc:15:78:06:ba:
54:44:12:19:11:a1:e9:71:a7:68:38:c2:38:28:77:
dc:94:a5:70:18:6a:f8:7c:da:20:7b:5b:62:e5:0c:
be:e9:64:72:8f:d9:2c:c1:c7:c6:45:f1:6a:b1:f6:
6e:13:5e:e5:6e:64:fc:77:9b:9b:ea:60:fd:b6:89:
e4:8f:bc:6f:c1:fd:66:c0:e2:70:79:e9:78:d3:4c:
a0:3c:68:3a:72:48:f5:d8:ea:0b:b1:c1:c6:2c:55:
52:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:CE:1C:23:A4:74:F4:B1:F5:FD:73:07:A8:68:67:AD:DD:5F:9F:35
X509v3 Authority Key Identifier:
keyid:E7:58:52:44:59:F9:13:50:BF:3A:70:BD:DE:A0:2B:B7:F1:98:F6:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51hSRFn5E1C_OnC93qArt_GY9ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e5a629-8f68-432e-9e5a-c419e7129928/1/gc4cI6R09LH1_XMHqGhnrd1fnzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e5a629-8f68-432e-9e5a-c419e7129928/1/51hSRFn5E1C_OnC93qArt_GY9ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.52.0/24
Signature Algorithm: sha256WithRSAEncryption
37:d1:da:0e:17:fc:6d:5f:a2:68:6a:e8:f0:88:5c:0e:cf:24:
80:75:0d:00:ed:02:ac:0f:34:24:da:85:6a:98:07:77:b6:37:
59:0a:b6:05:2f:88:5d:28:78:d6:78:b0:21:06:67:1c:4d:43:
2e:b5:53:a1:cc:f8:49:09:55:fd:95:81:b2:ea:aa:22:4d:42:
0b:9b:18:59:c1:07:a7:4b:11:f2:89:69:e2:c2:bb:d4:92:19:
5b:09:37:42:4b:93:f1:d7:31:b6:77:93:ac:65:de:f5:c3:d3:
d1:82:84:5c:ce:52:12:5b:12:8d:c3:eb:e0:b7:85:43:04:f4:
97:7a:89:dc:57:96:67:40:ba:8d:6f:e6:18:49:da:e8:62:35:
b3:36:74:27:16:c2:06:3c:cb:5e:52:e4:26:4d:fe:69:41:c7:
13:ff:be:8a:e4:aa:5e:e6:70:2f:7b:61:7d:82:02:ee:fc:86:
d8:d6:3b:80:5b:99:db:96:83:0f:f8:72:eb:e4:59:c0:d0:3e:
45:28:6e:57:c8:8a:de:3c:79:81:d8:c4:9a:7a:5f:f2:21:84:
45:d4:02:04:f9:c7:54:8c:d3:c0:ae:cd:28:08:00:1f:46:85:
8a:18:0c:65:24:f4:dd:50:90:cb:b1:47:d5:28:b0:41:37:97:
17:a1:f3:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlWLiCQ1z5q544LFBZ3pKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTg1MjQ0NTlmOTEzNTBiZjNhNzBiZGRlYTAyYmI3ZjE5
OGY2MjcwHhcNMjQwMTAyMDAzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWNlMWMyM2E0NzRmNGIxZjVmZDczMDdhODY4NjdhZGRkNWY5ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT2rVCkYkQge4TNE1mXZKTvcAoiE
go9Kfplpw4THC79aX+70YMQuoZDlK/0+Kpgbo1alZYwpHuGBrQPQulyIa4iz9D2s
nzqXRbHxz8TsCbEYdzGylmJTiM5mInn5UaAO8thXrrcPlG/TMKeod3RZuRAI4Yi1
ol7s4DHSP7u01rS38GUw3Jb1T5DP1oTFeHkqNVNd2zb7hUE4/XnP4r+9/BV4BrpU
RBIZEaHpcadoOMI4KHfclKVwGGr4fNoge1ti5Qy+6WRyj9kswcfGRfFqsfZuE17l
bmT8d5ub6mD9tonkj7xvwf1mwOJweel400ygPGg6ckj12OoLscHGLFVSOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHOHCOkdPSx9f1zB6hoZ63dX581MB8GA1UdIwQY
MBaAFOdYUkRZ+RNQvzpwvd6gK7fxmPYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFoU1JGbjVFMUNfT25DOTNxQXJ0X0dZOWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lNWE2MjktOGY2OC00MzJlLTllNWEt
YzQxOWU3MTI5OTI4LzEvZ2M0Y0k2UjA5TEgxX1hNSHFHaG5yZDFmbnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lNWE2MjktOGY2OC00MzJlLTllNWEtYzQxOWU3MTI5OTI4
LzEvNTFoU1JGbjVFMUNfT25DOTNxQXJ0X0dZOWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZk0MA0G
CSqGSIb3DQEBCwUAA4IBAQA30doOF/xtX6JoaujwiFwOzySAdQ0A7QKsDzQk2oVq
mAd3tjdZCrYFL4hdKHjWeLAhBmccTUMutVOhzPhJCVX9lYGy6qoiTUILmxhZwQen
SxHyiWniwrvUkhlbCTdCS5Px1zG2d5OsZd71w9PRgoRczlISWxKNw+vgt4VDBPSX
eoncV5ZnQLqNb+YYSdroYjWzNnQnFsIGPMteUuQmTf5pQccT/76K5Kpe5nAve2F9
ggLu/IbY1juAW5nbloMP+HLr5FnA0D5FKG5XyIrePHmB2MSael/yIYRF1AIE+cdU
jNPArs0oCAAfRoWKGAxlJPTdUJDLsUfVKLBBN5cXofPf
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:31:31 2025 by rpki-client